Scenario / Questions
On the Windows platform, what native options to I have to check if a port (3306, for example) on my local machine (as in
localhost), is being blocked?
Find below all possible solutions or suggestions for the above questions..
Since you are on the Windows machine, these things can be done,
Execute the following command and look for a “:3306” listener (you did not mention UDP/TCP). This will confirm there is something running on the port.
netstat -a -n
After this, if you are expecting incoming connections on this port and feel that the firewall may be blocking them, you could start windows firewall logging and check the logs for dropped connections
- Go to the Windows Firewall, Advanced settings
- Click on the Settings button next to “Local Area Connection”
- Select “Log dropped packets”
- Look at the log file location (if not present define one)
- Click OK
- Now, when the connection attempt is made (assuming you know when this is done), look at the log file for a drop on port 3306.
- If this is seen, you will want to add an exception for this port.
There is one more command to check the firewall state
(Update for Windows 7 users — as referred by
Nickbelow — use netsh advfirewall firewall)
netsh firewall show state
- this will list the blocked ports as well as active listening ports with application associations
This command will dump the Windows firewall configuration detail
netsh firewall show config
If you have an active block (incoming connections are being dropped by firewall) after you start logging, you should see that in the log.
If you are running an application/service that is listening on 3306, the firewall config should show it to be Enabled. If this is not seen, you have probably missed adding an exception with the firewall to allow this app/service.
Finally, port 3306 is typically used for MySQL. So, I presume you are running MySQL server on this windows machine. You should therefore see a listener for 3306 accepting incoming connections. If you do not see that, you need to work with your application (MySQL) to get that started first.
NETSTAT will tell you if the port is listening but it will not tell you if the port is open to the outside world. What I mean by this is that
NETSTAT may show that the 0.0.0.0 is LISTENING on port 3306 but a firewall may still be blocking that port which is preventing outside connections; so it isn’t sufficient to rely on
The best way to check if a port is blocked is to do a port scan from the client machine.
To test all open ports:
portqry.exe -n #.#.#.#
To test a specific port:
portqry.exe -n #.#.#.# -e #
For example to test the Web interface of a router at 192.168.1.1:
portqry.exe -n 192.168.1.1 -e 80
TCP port 80 (http service): LISTENING
Where as testing on a local machine with no HTTPD running returns:
TCP port 80 (http service): NOT LISTENING
Using a PortScan utility you will get one of 3 results.
Listeningmeans the server is listening on the specified port
Filteredmeans it received a TCP acknowledgement packet with the Reset flag set which likely indicates a firewall or software issue
Not Listeningmeans it didn’t receive a response at all
telnet is another command line option that is usually installed on the OS by default. This command line utility can be used a quick way to see if a port responds to a network request.
telnet you would simply issue the following command from a command prompt:
telnet localhost 3306
The command above should give you a quick indication if the port
3306 on the
localhost is responding.
Since PowerShell 4.0 you can use the command
If you want to test Port 3306 as in your example the command is
Test-NetConnection -ComputerName localhost -Port 3306
If you can telnet to the port from the local machine (using the external IP address), but not from another machine – then it is being blocked somewhere between.
Note that a firewall on your local machine could prevent even the first action.
Disclaimer: This has been sourced from a third party syndicated feed through internet. We are not responsibility or liability for its dependability, trustworthiness, reliability and data of the text. We reserves the sole right to alter, delete or remove (without notice) the content in its absolute discretion for any reason whatsoever.